Make {TERM, b} messages count towards {BVAL, b} thresholds

[Vagabond]

This prevents slow nodes not sending an AUX because they don't count
{TERM, b} towards 2f+1 {BVAL, b} messages. This also prevents f+1
{BVAL, b} messages from triggering a send of {BVAL, b} if it has not
already been sent.

Additionally don't lose the fact that we broadcast a bval value.

[coveralls]

Pull Request Test Coverage Report for Build 368

• 7 of 8 (87.5%) changed or added relevant lines in 1 file are covered.
• 1 unchanged line in 1 file lost coverage.
• Overall coverage increased (+0.07%) to 82.851%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
src/hbbft_bba.erl	7	8	87.5%

Files with Coverage Reduction	New Missed Lines	%
src/hbbft_bba.erl	1	82.67%

Totals
Change from base Build 364:	0.07%
Covered Lines:	401
Relevant Lines:	484

---

💛 - Coveralls

[evanmcc]

I have some safety concerns here. This implementation allows nodes to effectively vote twice for a value. I think that this is only safe if the witness tracks the source and only allows one vote per node.

[Vagabond]

Which kind of vote, it is technically valid, I think, for a node to vote for a bval value twice?

[evanmcc]

I guess I was thinking that a malign set of nodes could emit both immediately, which would push the node over the threshold I think?

[Vagabond]

add_witness has an 'allow union' flag that prevents changing your vote in the case of a TERM message. BVAL votes are allowed to be made for both values (as the node will emit a {BVAL, b} message once it sees f+1 {BVAL, b} messages).

I'm not clear how many AUX messages can be emitted per round. I think just one, but I'm not sure. Currently it allows a node to propose both.

CONF messages don't use add_witness, but they probably should. and they should allow only a single vote from a node per round.

[Vagabond]

I have added a commit to prevent more than one AUX or CONF message per round. TERM was already limited and BVAL should allow multiples.